Rewrite variables

A rewrite variable is an object that stores a dynamic value like a entry path of an request or a session id. Rewrite variables are represented as strings in the format %<variable name>% or %<variable name>[argument]%. They are, for example, useful to define generic rewrite rules that are independent of the selected mapping, virtual host, or back-end group.

Rewrite variables are available in the following areas. For variable specific exceptions see table list of rewrite variables.

Pattern and substitution fields in:

Request Actions
Response Actions
URL Encryption
CSRF Tokens
Deny Rules
Allow Rules

Redirect locations fields:

Denied access URL
URL Encryption - Invalid URL redirect location
CSRF Tokens - Invalid token redirect location

List of rewrite variables

Variable name	Description	Not available in
%ENTRYPROTOCOL%	current request protocol from the client, http or https	Redirect locations
%ENTRYHOST%	entry host of the current mapping, without port	Redirect locations
%ENTRYPORT%	entry host port number of the current mapping	Redirect locations
%ENTRYDIR%	entry path of the current mapping trimmed of trailing slashes, empty for root entry path	Mapping with regex entry path
%ENTRYPATH%	same as %ENTRYDIR% but also trimmed of leading slashes	Mapping with regex entry path
%BACKENDDIR%	back-end path of the current mapping trimmed of trailing slashes, empty for root back-end path	Mapping with regex entry path
%BACKENDPATH%	same as %BACKENDDIR% but also trimmed of leading slashes	Mapping with regex entry path
%ENTRYDIR[<mapping>]%	same as %ENTRYDIR% of mapping with name "<mapping>" ^*	–
%ENTRYPATH[<mapping>]%	same as %ENTRYPATH% of mapping with name "<mapping>" ^*	–
%BACKENDDIR[<mapping>]%	same as %BACKENDDIR% of mapping with name "<mapping>" ^*	–
%BACKENDPATH[<mapping>]%	same as %BACKENDPATH% of mapping with name "<mapping>" ^*	–
%BACKENDPROTOCOL%	back-end protocol, http or https	Redirect locations
%BACKENDHOSTNAME%	back-end host for this request, dynamically set based on current load balancing back-end host, without port	Redirect locations
%BACKENDPORT%	port number of back-end host - see above	Redirect locations
%BACKENDHOST%	combined value of back-end host and port; omitting default ports: 80, 443	Redirect locations
%VHCOOKIEDOMAIN%	the cookie domain configured in the virtual host	Redirect locations
%REQUESTID%	current request id	Patterns, Redirect locations
%SESSIONID%	current session id; "<n/a>" if no session is available	Patterns, Redirect locations
%SESSIONTIMINGINFO%	In seconds: {remaining session idle timeout}:{remaining session lifetime}	Patterns, Redirect locations
%AUDITTOKEN%	current audit token	Patterns, Redirect locations
%REMOTEADDR%	current IP address of client	Patterns, Redirect locations
%ROLES%	In seconds: {role1 name}:{remaining role1 idle timeout}:{remaining role1 lifetime},{role2 name}:{remaining role2 idle timeout}:{remaining role2 lifetime},...	Patterns, Redirect locations
%ENTRYADDR%	IP address of current entry host	Patterns, Redirect locations

^*The referenced mapping must not use a regular expression as entry path.

Example

Incoming URL:
https://example.com/webmail/inbox/index.html

Configured value		Variable value
Entry protocol is: https	→	%ENTRYPROTOCOL%: https
Entry host is: example.com	→	%ENTRYHOST%: example.com
Entry host port is: 443	→	%ENTRYPORT%: 443
Entry path is: /webmail/inbox/	→	%ENTRYDIR%: /webmail/inbox
	→	%ENTRYPATH%: webmail/inbox
Back-end protocol is: http	→	%BACKENDPROTOCOL%: http
Back-end host name is: mserv.net.local	→	%BACKENDHOSTNAME%: mserv.net.local
Back-end host port is: 8080	→	%BACKENDPORT%: 8080
	→	%BACKENDHOST%: mserv.net.local:8080
Back-end path is: /mailapplication/inbox/	→	%BACKENDDIR%: /mailapplication/inbox
	→	%BACKENDPATH%: mailapplication/inbox

Incoming URL	https://example.com/webmail/inbox/index.html
Rewrite from	%ENTRYPROTOCOL%://%ENTRYHOST%%ENTRYDIR%(/.*)?
Rewrite to	%BACKENDPROTOCOL%://%BACKENDHOST%%BACKENDDIR%$1
Back-end URL results in	http://mserv.net.local:8080/mailapplication/inbox/index.html

Literal mode

All variables are treated as literal values - characters do not have any special regular expression significance. This means, that the variable value 'www.example.com' just matches www.example.com and not www-example/com nor wwwXexampleYcom.

Technically this is achieved by internally surrounding all variables by an extra \Q .. \E span.